Physical Layer Security for Wireless Position Location in the Presence of Location Spoofing

Lee, Jeong Heon

14 March 2011

While significant research effort has been dedicated to wireless position location over the past decades, most location security aspects have been overlooked. Recently, with the proliferation of diverse wireless devices and the desire to determine their position, there is an increasing concern about the security of location information which can be spoofed or disrupted by adversaries or unreliable signal sources. This dissertation addresses the problem of securing a radio location system against location spoofing, specifically the characterization, analysis, detection, and localization of location spoofing attacks by focusing on fundamental location estimation issues. The objective of this dissertation is four-fold. First, it provides an overview of fundamental security issues for position location, particularly associated with range-based localization. Of particular interest are security risks and vulnerabilities in location estimation, types of localization attacks, and their impact. The second objective is to characterize the effects of signal strength and beamforming attacks on range estimates and the resulting position estimate. The characterization can be generalized to a variety of location spoofing attacks and provides insight into the anomalous behavior of range and location estimators when under attack. Through this effort we can also identify effective attacks that are of particular interest to attack detection and localization. The third objective is to develop an effective technique for attack detection which requires neither prior environmental nor statistical knowledge. This is accomplished by exploiting the bilateral behavior of a hybrid framework using two received signal strength (RSS) based location estimators. We show that the resulting approach is effective at detecting attacks with the detection rate increasing with the severity of the induced location error. The last objective of this dissertation is to develop a localization method resilient to attacks and other adverse effects. Since the detection and localization approach relies solely on RSS measurements in order to be applicable to a wide range of wireless systems and scenarios, this dissertation focuses on RSS-based position location. Nevertheless, many of the basic concepts and results can be applied to any range-based positioning system. / Ph. D.

Location Security

Attack Detection

Secure Positioning

Location Estimation

Sustainable food security futures: Perspectives on food waste and information across the food supply chain

Irani, Zahir, Sharif, Amir M.

January 2016

Yes / The purpose of this paper is to signpost the genesis of food security and associated factors such that organisations, enterprises, policy makers and interested stakeholders can seek to explore and understand this important societal issue. The challenges that food security poses are eclectic in nature and cut through country, society, organisation and individual boundaries. Only through identifying these factors – hence identifying underlying factors of food waste and usage of information within food supply chains to untangle them – can we adopt enterprise interventions in order to initiate and mitigate food security risk. As a viewpoint piece, there is no empirical work to report in this paper. An exploratory review of the literature has allowed for the extraction of food security concerns that need the attention of stakeholders across the enterprise to ensure robust food supply chains can be are created, maintained and sustained through a better understanding and usage of information, knowledge and data This paper articulates six constructs that underpin the challenges of establishing food security. It is suggested that information relating to factors may support decision-makers within communities, organisations and enterprises to better understand these factors that then contribute towards enhanced food security. Relevant strategies or policies can then emerge and be developed such that strategic as well as operational interventions can be prioritised across national, regional or industry level. Underpinning the above, the waste within and across the food supply chain contributes to the six factors, also highlighting where additional focus may need to be applied to sustain food supply chains. This paper is a position paper that does not offer factual insight but rather highlights a direction of thought that others can consider exploring as part of wider research agendas in the topical area where enterprise, organisational, and information-based contributions may support the development of strategy-led food security policy. This paper provides reassuring insights that will help decision and policy makers assemble their thoughts when it comes to prioritising their communications and interventions amongst organisational/enterprise-level stakeholder groups involved in food security and food supply chain contexts. This paper has highlighted the need for more research around the human and organisational factors that are identified as both underpinning the need for food security and, as drivers of waste throughout the food supply chain. Indeed, there is further work needed to highlight the inter-relationships that exist and, which then feed into resulting interventions. To raise the importance of food security amongst differing stakeholder community groups at the organisational and enterprise level.

Sustainability

Food secure futures

Food supply chain

Food waste

L'intervention du juge dans la mise en oeuvre des sûretés réelles par le créancier dans le droit civil vietnamien / The intervention of the judge into the course of processing security transaction in Vietnamese civil law.

Doan, Thi Phuong Diep

03 December 2012

Les sûretés réelles jouent un rôle indispensable dans la vie civile ainsi que dans la vie économique d`un pays. Ces transactions amènent inéluctablement la disposition du bien garanti en cas d`insolvabilité du débiteur. Au Vietnam, presque toutes les sûretés accompagnent le prêt de consommation (les autres obligations telles que l`obligation de paiement née d`un contrat de vente sont rarement garanties en réalité). Cependant, dans la relation entre le prêteur et l`emprunteur, ce dernier est toujours dans une position plus faible que le premier parce que le prêteur est toujours dans la situation de besoin d`argent, même urgent. Cette différence du contrat de prêt influence de manière appréciable non seulement le contrat de sûreté accompagnée mais aussi la disposition du bien garanti. Bien que la mise en œuvre du bien garanti joue un rôle très important à l`égard des parties de la sûreté ainsi que les tiers concernés, elle n`est pas disposée clairement et officiellement par la voie législative selon le droit vietnamien. Cela veut dire que ce domaine n`est réglé que par le pouvoir administratif. En plus, dans la circonstance juridique du Vietnam actuelle, les parties de la sûreté peuvent convenir librement du mode de disposition du bien garanti en cas d`insolvabilité du débiteur. La loi ne prévoit aucune intervention afin de contrôler ce processus de la mise en œuvre du bien, cette situation est très dangereuse car la disposition du bien concerne non seulement les doits des parties mais aussi ceux des tiers. Afin de protéger le débiteur devant le créancier dans la négociation le contrat de sûreté, les tiers concernés devant la possibilité d`une disposition « amitié » du bien garanti entre le créancier et le débiteur, on a besoin d`une intervention judiciaire en tant qu`un mécanisme « neutre » avec le pouvoir étatique nécessaire. Cette intervention existe déjà en réalité mais sous forme facultative, donc elle n`est pas effective en jouant le rôle du gardien de la justice. A côté des droits du débiteur ainsi que des tiers concernés, les droits du créancier dans le contrat de sûreté sont appréciables, notamment en cas d`un débiteur de mauvais foi, l`intervention du juge et après cela, une garantie du pouvoir judiciaire dans l`exécution du jugement rendra utile le créancier garanti. Avec toutes les raisons ci-dessus, une intervention du juge dans la mise en œuvre du bien garanti est nécessairement traitée par la thèse. Cet étude traitera des dispositions du droit ainsi que de la situation réelle du Vietnam dans la réalisation du bien garanti, les avantages ainsi que les inconvénients dans l`exécution des dispositions du droit vietnamiens. C`est à partir de ces analyses que nous essayerons de construire un mécanisme juridique pour que les activités des parties concernées à la mise en œuvre du bien garanti puissent être effectuées de manière la plus favorable et la plus juste possible. / The measures to secure of property (in which the borrower pledges or mortgage some asset as collateral for the loan) play an important role in a country’s civilian and economic life. These secured debt agreements necessarily results in the sequestration of the possession of the asset used as collateral in case the borrower defaults. In Viet Nam, almost all measures to secure are warranted by a contractual agreement that documents the debtor’s duty to pay off the debt (Other categories of debt such as sale agreement are rarely secured). In reality, in any loan agreement, the debtors, being in usually-urgent need for money, are always on the dependent and disadvantaged side in negotiating with the creditor. This unequal negotiation advantage in loan agreement greatly impacts not only how the security is put in the loan but also how it is sequestrated to regain some or all of the amount originally lent to the borrower. Although the treatment of loan security in a secured loan agreement is vital to both parties as well as the third party, it is not formally and thoroughly addressed in law but only administered by the regulations issued by state management bodies. In Viet Nam nowadays, it is a practice in secured loan agreements that the two parties are free to negotiate how the collateral for the loan is treated in the event that the debt is not properly repaid. The legislation does not anticipate any forms or judicial intervention for the measure to secure processing in order to better control this category of secured debt. This freedom in settling measure to secure poses many financial risks as it affects not only the two direct parties of the security transaction but also the third party who is a “bona fide”. In order to protect the rights of the debtors who are on the inferior side in measure to secure negotiation and the third party who faces the possible trick arranged by the debtor and creditor in handling the loan security asset, it is crucial to establish a state-level judicial intervention mechanism to be employed in processing the measure to secure. In fact, this form of intervention exists but only on an on-request basis, and therefore fails to guarantee full protective efficiency in functioning as a legal protector. Besides the rights of the debtor and the third party, the rights of the creditor also need attending to by the legislators. Especially when the debtor is dishonest, the judicial intervention in this case, and then the participation of the executive bodies will be very helpful to the creditor. With all the above mentioned reasons, the intervention of the judge, representative of the judicial bodies, into the course of processing security transaction, need researching by the thesis. The thesis researches the legal regulations and the practice of handling security transaction in Viet Nam, as well the advantages and disadvantages in executing these regulations. Based on the analytical findings, a recommendation is made on establishing a legal mechanism to be applied in the treatment of measure to security so that the subject’s activities in this area can be conducted in the best convenient and reasonable manner.

Sûreté

Disposition du bien garanti

Sûreté réelle

Secure of property

Measure to secure of property

340

Hardware Security through Design Obfuscation

Chakraborty, Rajat Subhra

04 May 2010

No description available.

Electrical Engineering

Hardware security

design obfuscation

hardware Trojan

statistical logic testing

secure scan design

software obfuscation

secure system-on-chip design

Lattice Codes for Secure Communication and Secret Key Generation

Vatedka, Shashank

January 2017

In this work, we study two problems in information-theoretic security. Firstly, we study a wireless network where two nodes want to securely exchange messages via an honest-but-curious bidirectional relay. There is no direct link between the user nodes, and all communication must take place through the relay. The relay behaves like a passive eavesdropper, but otherwise follows the protocol it is assigned. Our objective is to design a scheme where the user nodes can reliably exchange messages such that the relay gets no information about the individual messages. We first describe a perfectly secure scheme using nested lattices, and show that our scheme achieves secrecy regardless of the distribution of the additive noise, and even if this distribution is unknown to the user nodes. Our scheme is explicit, in the sense that for any pair of nested lattices, we give the distribution used for randomization at the encoders to guarantee security. We then give a strongly secure lattice coding scheme, and we characterize the performance of both these schemes in the presence of Gaussian noise. We then extend our perfectly-secure and strongly-secure schemes to obtain a protocol that guarantees end-to-end secrecy in a multichip line network. We also briefly study the robustness of our bidirectional relaying schemes to channel imperfections. In the second problem, we consider the scenario where multiple terminals have access to private correlated Gaussian sources and a public noiseless communication channel. The objective is to generate a group secret key using their sources and public communication in a way that an eavesdropper having access to the public communication can obtain no information about the key. We give a nested lattice-based protocol for generating strongly secure secret keys from independent and identically distributed copies of the correlated random variables. Under certain assumptions on the joint distribution of the sources, we derive achievable secret key rates. The tools used in designing protocols for both these problems are nested lattice codes, which have been widely used in several problems of communication and security. In this thesis, we also study lattice constructions that permit polynomial-time encoding and decoding. In this regard, we first look at a class of lattices obtained from low-density parity-check (LDPC) codes, called Low-density Construction-A (LDA) lattices. We show that high-dimensional LDA lattices have several “goodness” properties that are desirable in many problems of communication and security. We also present a new class of low-complexity lattice coding schemes that achieve the capacity of the AWGN channel. Codes in this class are obtained by concatenating an inner Construction-A lattice code with an outer Reed-Solomon code or an expander code. We show that this class of codes can achieve the capacity of the AWGN channel with polynomial encoding and decoding complexities. Furthermore, the probability of error decays exponentially in the block length for a fixed transmission rate R that is strictly less than the capacity. To the best of our knowledge, this is the first capacity-achieving coding scheme for the AWGN channel which has an exponentially decaying probability of error and polynomial encoding/decoding complexities.

Secret Key Generation

Secure Communication

Nested Lattice Codes

Information Theoretic Security

Secure Bidirectional Relaying

LDA Lattices

Secure Computation

Bidirectional Relay

Lattice Coding Scheme

Gaussian Markov Tree Sources

Electrical Communication Engineering

Efficient and Secure Equality-based Two-party Computation

Javad Darivandpour (11190051)

27 July 2021

<div>Multiparty computation refers to a scenario in which multiple distinct yet connected parties aim to jointly compute a functionality. Over recent decades, with the rapid spread of the internet and digital technologies, multiparty computation has become an increasingly important topic. In addition to the integrity of computation in such scenarios, it is essential to ensure that the privacy of sensitive information is not violated. Thus, secure multiparty computation aims to provide sound approaches for the joint computation of desired functionalities in a secure manner: Not only must the integrity of computation be guaranteed, but also each party must not learn anything about the other parties' private data. In other words, each party learns no more than what can be inferred from its own input and its prescribed output.</div><div><br></div><div> This thesis considers secure two-party computation over arithmetic circuits based on additive secret sharing. In particular, we focus on efficient and secure solutions for fundamental functionalities that depend on the equality of private comparands. The first direction we take is providing efficient protocols for two major problems of interest. Specifically, we give novel and efficient solutions for <i>private equality testing</i> and multiple variants of <i>secure wildcard pattern matching</i> over any arbitrary finite alphabet. These problems are of vital importance: Private equality testing is a basic building block in many secure multiparty protocols; and, secure pattern matching is frequently used in various data-sensitive domains, including (but not limited to) private information retrieval and healthcare-related data analysis. The second direction we take towards a performance improvement in equality-based secure two-party computation is via introducing a generic functionality-independent secure preprocessing that results in an overall computation and communication cost reduction for any subsequent protocol. We achieve this by providing the first precise functionality formulation and secure protocols for replacing original inputs with much smaller inputs such that this replacement neither changes the outcome of subsequent computations nor violates the privacy of sensitive inputs. Moreover, our input-size reduction opens the door to a new approach for efficiently solving Private Set Intersection. The protocols we give in this thesis are typically secure in the semi-honest adversarial threat model.</div>

Theoretical Computer Science

Applied Computer Science

Computer System Security

secure two-party computation (S2PC)

Secure Multiparty Computation

Cryptography,

Pattern matching

Algorithm Design

Protocol Design

Feasibility, Efficiency, and Robustness of Secure Computation

Hai H Nguyen (14206922)

02 December 2022

<p>Secure computation allows mutually distrusting parties to compute over private data. Such collaborations have widespread applications in social, scientific, commercial, and security domains. However, the overhead of achieving security is a major bottleneck to the adoption of such technologies. In this context, this thesis aims to design the most secure protocol within budgeted computational or network resources by mathematically formulating it as an optimization problem. </p> <p>With the rise in CPU power and cheap RAM, the offline-online model for secure computation has become the prominent model for real-world security systems. This thesis investigates the above-mentioned optimization problem in the information-theoretic offline-online model. In particular, this thesis presents the following selected sample of our research in greater detail. </p> <p>Round and Communication Complexity: Chor-Kushilevitz-Beaver characterized the round and communication complexity of secure two-party computation. Since then, the case of functions with randomized output remained unexplored. We proved the decidability of determining these complexities. Next, if such a protocol exists, we construct the optimal protocol; otherwise, we present an obstruction to achieving security. </p> <p>Rate and Capacity of secure computation: The efficiency of converting the offline samples into secure computation during the online phase is essential. However, investigating this ``production rate'' for general secure computations seems analytically intractable. Towards this objective, we introduce a new model of secure computation -- one without any communication -- that has several practical applications. We lay the mathematical foundations of formulating rate and capacity questions in this framework. Our research identifies the first tight rate and capacity results (a la Shannon) in secure computation. </p> <p>Reverse multiplication embedding: We identify a new problem in algebraic complexity theory that unifies several efficiency objectives in cryptography. Reverse multiplication embedding seeks to implement as many (base field) multiplications as possible using one extension field multiplication. We present optimal construction using algebraic function fields. This embedding has subsequently led to efficient improvement of secure computation, homomorphic encryption, proof systems, and leakage-resilient cryptography. </p> <p>Characterizing the robustness to side-channel attacks: Side-channel attacks present a significant threat to the offline phase. We introduce the cryptographic analog of common information to characterize the offline phase's robustness quantitatively. We build a framework for security and attack analysis. In the context of robust threshold cryptography, we present a state-of-the-art attack, threat assessment, and security fix for Shamir's secret-sharing. </p> <p><br></p>

Cryptography

Secure computation

MPC

offline-online paradigm

reverse multiplication embedding

round and communication complexity

secure non-interactive simulation

rate and capacity

leakage resilience

secret sharing scheme

A Security and Privacy Audit of KakaoTalk’s End-to-End Encryption

Schmidt, Dawin

January 2016

End-to-end encryption is becoming a standard feature in popular mobile chat appli-cations (apps) with millions of users. In the two years a number of leading chat apps have added end-end encryption features including LINE, KakaoTalk, Viber, Facebook Messenger, and WhatsApp.However, most of these apps are closed-source and there is little to no independent ver-ification of their end-to-end encryption system design. These implementations may be a major concern as proprietary chat apps may make use of non-standard cryptographic algorithms that may not follow cryptography and security best practices. In addition, governments authorities may force chat app providers to add easily decryptable export-grade cryptography to their products. Further, mainstream apps have a large attack surface as they offer a variety of features. As a result, there may be software vulnera-bilities that could be exploited by an attacker in order to compromise user’s end-to-end privacy. Another problem is that, despite being closed-source software, providers often market their apps as being so secure that even the provider is not able to decrypt messages. These marketing claims may be potentially misleading as most users do not have the technical knowledge to verify them.In this Master’s thesis we use KakaoTalk – the most popular chat app in South Korea – as a case study to perform a security and privacy assessment and audit of its “Secure Chat” opt-in end-to-end encryption feature. Also, we examine KakaoTalk’s Terms of Service policies to verify claims such as “[. . . ] Kakao’s server is unable to decrypt the encryption [. . . ]” from a technical perspective.The main goal of this work is to show how various issues in a product can add up to the potential for serious attack vectors against end-to-end privacy despite there being multiple layers of security. In particular, we show how a central public-key directory server makes the end-to-end encryption system vulnerable to well-known operator-site man-in-the-middle attacks. While this naive attack may seem obvious, we argue that (KakaoTalk) users should know about the strength and weaknesses of a particular design in order to make an informed decision whether to trust the security of a chat app or not. / End-to-end kryptering är en allt mer vanligt förekommande funktionalitet bland populära mobila chatttjänster (händanefter appar) med miljontals användare. Under de två senaste åren har många ledande chattappar, bland annat LINE, KakaoTalk, Viber, Facebook Messenger, och WhatsApp, börjat använda end-to-end kryptering. Dock så är de flesta av dessa appar closed-source och det finns begränsad, eller ingen, fristående granskning av systemdesignen för deras end-to-end kryptering. Dessa implementationer kan innebära en stor risk då proprietära chattappar kan använda sig av kryptografiska algoritmer som inte följer best practice för säkerhet eller kryptografi. Vidare så kan statliga myndigheter tvinga de som tillhandahåller chattappar att använda lättdekrypterad export-grade kryptografi för sina produkter. Lägg till det att de flesta vanliga appar har många ytor som kan attackeras, till följd av all funktionalitet de erbjuder. Som ett resultat av detta finns en risk för mjukvarubrister som kan utnyttjas av en hackare för att inkräkta på en användares end-to-end integritet. Ytterligare ett problem är att trots att det är closed-source mjukvara så marknadsför ofta appleverantörerna sina appar som att vara är så säkra att inte ens leverantörerna själva kan dekryptera användarnas meddelanden. Det som hävdas i marknadsföringen riskerar vara missledande eftersom de flesta användarna inte har den tekniska kunskap som krävs för att kunna verifiera att det som hävdas är sant. I den här Master-uppsatsen använder vi KakaoTalk – den mest populära chattappen i Sydkorea – som en fallstudie för att granska och bedömma säkerhetens- och integritets-aspekterna hos deras valbara “Secure Chat” med end-to-end krypteringsfunktionalitet. Vi granskar även KakaoTalk’s användarvillkor för att kunna verifiera påståenden som att “[. . . ] Kakao’s server is unable to decrypt the encryption [. . . ]” från ett tekniskt perspektiv. Det huvudsakliga syftet med denna studien är att belysa hur olika brister i en produkt sammantagna kan skapa en risk för allvarliga vektorattacker mot end-to-end integriteten även fast det finns flera skyddslager. Mer specifikt visar vi hur en central katalogserver för public-keys gör end-to-end krypteringssystemet sårbart mot välkända operator-site man-in-the-middle-attacker. Trots att denna naiva typ av attack kan verka uppenbar, argumenterar vi för att (KakaoTalk) användare borde veta om styrkorna och svagheterna med en särskild systemdesign för att kunna göra ett informerat val för om de ska lita på säkerheten hos en chattapplikation eller inte.

Secure Messaging

End-to-end Encryption

Android Security

Secure Messaging

End-to-end Encryption

Android Security

Elektroteknik och elektronik

SATELLITE GROUND STATION SECURITY USING SSH TUNNELING

Mauldin, Kendall

10 1900

International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada / As more satellite ground station systems use the Internet as a means of connectivity, the security of the ground stations and data transferred between stations becomes a growing concern. Possible solutions include software-level password authentication, link encryption, IP filtering, and several others. Many of these methods are being implemented in many different applications. SSH (Secure Shell) tunneling is one specific method that ensures a highly encrypted data link between computers on the Internet. It is used every day by individuals and organizations that want to ensure the security of the data they are transferring over the Internet. This paper describes the security requirements of a specific example of a ground station network, how SSH can be implemented into the existing system, software configuration, and operational testing of the revised ground network.

Space Telemetry

Satellite Networking

Scalable Networking

Ground Station

Nanosatellite

Security

Encryption

Secure Link

Selling Telemetry Data Over the Internet Using SET

Kalibjian, Jeffrey R.

10 1900

International Telemetering Conference Proceedings / October 26-29, 1998 / Town & Country Resort Hotel and Convention Center, San Diego, California / Over the past two years the design and implementation of secure Internet based data sharing tools which could enable geographically remote contractor teams to access flight and test telemetry data securely over the Internet were presented [1] [2]. Key technologies facilitating these capabilities were the Hypertext Transfer (HTTP) protocol , the Secure Sockets Layer (SSL) protocol, and the Secure Multipurpose Internet Mail Extension (S/MIME) specification . This year we discuss utilizing the Secure Electronic Transaction (SET) specification in tandem with HTTP, SSL, and S/MIME to deploy a system for securely selling telemetry data over the Internet.

electronic commerce

secure data sharing

S/MIME

MIME

SSL

HTTP

SET